﻿<?php
session_start();
include "connectsql.php";

if (isset($_SESSION["ceo"]) && $_SESSION["ceo"] == true) {
	$manager = $_SESSION["manager"];
} else {
	die (ECHO_ERROR);	
}

if (isset($_REQUEST["file"])) {
	$file = $_REQUEST["file"];
	if ($file == "") {
		die (ECHO_ERROR);
	}
} else {
	die (ECHO_ERROR);
}

$path = "upload/".md5($manager.DB_PWD.$manager)."/";

if (file_exists($path.$file)) {
	unlink($path.$file);
}

if (rename($path."tmp/".$file, $path.$file)) {
	$sql = "delete from ".SetDB_FILE_TAB($manager)." where `filename` = '".$file."' and `extrainfo` = '0'";
	mysqli_query($link, $sql) or die(ECHO_MYSQL_ERROR_QUERY_TABLE_TO_DEL);

	$sql = "update ".SetDB_FILE_TAB($manager)." set `extrainfo` = '0'";
	if (isset($_REQUEST["typestr"])) {
		$typestr = $_REQUEST["typestr"];
		if ($typestr != "") {
			$sql .= ", `typestr` = '".$typestr."'";
		}
	}
	if (isset($_REQUEST["name"]) && isset($_REQUEST["info"]) && isset($_REQUEST["limit"])) {
		$name = $_REQUEST["name"];
		$info = $_REQUEST["info"];
		$limit = $_REQUEST["limit"];
		if (isset($_REQUEST["passwd"])) {
			$passwd = $_REQUEST["passwd"];
			if ($passwd == "")
				$passwd = "123456";
		} else {
			$passwd = "123456";
		}			
		if ($name != "" && $info != "" && $limit != "") {
			$sql .= ", `username` = '".$name."', `userinfo` = '".$info."', `userlimit` = '".$limit."', `userpasswd` = '".$passwd."'";
		}
	}		
	$sql .= " where `filename` = '".$file."'";
	mysqli_query($link, $sql) or die(ECHO_MYSQL_ERROR_QUERY_TABLE_TO_CHANGE);				
	
	if (substr($file, -4) == ".zip") {
		$filenamelen = strlen($file);
		$filenamefolder = substr($file, 0, $filenamelen - 4);
		if (is_dir($path.$filenamefolder)) {
			remove_directory($path.$filenamefolder);
		}
		mkdir($path.$filenamefolder, 0777, true);//创建目录保存解压内容
	}	
	echo ECHO_OK;
} else {
	echo ECHO_ERROR;
}
mysqli_close($link);
?>